WordPress Plugin Vulnerabilities

Store Locator < 2.12 - Cross-Site Request Forgery

Description

The store-locator WordPress plugin was affected by a Cross-Site Request Forgery security vulnerability.

Affects Plugins

Plugin icon
store-locator
Fixed in 2.12

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Verified
No
WPVDB ID
461cdcce-10c8-49e6-8a85-e7aead267554

Timeline

Publicly Published
2014-08-01 (about 9 years ago)
Added
2014-08-01 (about 9 years ago)
Last Updated
2015-05-15 (about 9 years ago)

Other

Published
Title
Published
2023-02-22
Title
Auto Affiliate Links < 6.3.0.3 - Settings Update via CSRF
Published
2023-02-03
Title
Auto YouTube Importer <= 1.0.3 - Settings Update via CSRF
Published
2023-10-24
Title
Quill Forms < 3.4.0 - Cross-Site Request Forgery
Published
2021-03-01
Title
WP Travel < 4.4.7 - Cross-Site Request Forgery
Published
2023-10-16
Title
WP Attachments <= 5.0.6 - Arbitrary Settings Update via CSRF